Application Delivery Management

Zero-touch certificate management

October 24, 2024

Contributed by:

In NetScaler Console, you can configure zero-touch certificate management on the managed NetScaler instances running build 14.1-34.x and later. With zero-touch certificate management, you eliminate manual interventions and build an in-memory zero-touch certificate store to serve the application requests. Navigate to Infrastructure > SSL Dashboard > Zero-Touch Certificate Management to upload all the certificates and keys on NetScaler Console, and enable it on the managed NetScaler instances. NetScaler periodically polls the certificate repository and delivers the necessary certificates as required.

With zero-touch certificate management, the following processes are automatically done by NetScaler:

Adding, binding, and linking the certificates
Providing the certificates and keys in a specific order or together
Installing and using the suitable certificates based on the requests
Deleting the expired certificates during the periodic polling cycle

For more information on how the zero-touch certificate works on NetScaler instances, see NetScaler zero touch certificate management.

As an administrator, you must ensure the following in NetScaler Console:

NetScaler instances are running build 14.1-34.x or later and they are managed in NetScaler Console.
Upload the certificates (in any format) and keys. Then, enable zero-touch on the managed NetScaler instances.

Upload certificates

Navigate to Infrastructure > SSL Dashboard > Zero-Touch Certificate Management.
Click Get Started.
NetScaler instances running build 14.1-34.x or later are listed. You can either click Configure zero-touch to enable zero-touch or click Skip to proceed the next step.
Click Upload to upload all the certificates (can be in any format, such as .pem, .cer, and .crt).
Notes:
- The certificate or key file must be less than 8192 bytes.
- If you are uploading multiple certificates or key files, the maximum supported size is 50000 bytes.
- If the certificates or key files are password-protected, ensure that you provide the password. If the password is not provided, the certificate or the key file is not uploaded.

Enable zero-touch certificate management

After you upload the certificates, you must enable zero-touch on the managed NetScaler instances.

From the Zero-Touch Certificate Management page, click Configure zero-touch.
Click Add instances, select the instances, and then click Enable.

NetScaler Console uses the default polling interval to poll all certificates from the NetScaler instances. You can use the Poll Now option to poll immediately.

In the SSL dashboard, you can also view zero-touch certificate usage that shows details about the active and inactive certificates.

SSL dashboard view

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

Zero-touch certificate management

October 24, 2024

Contributed by:

October 24, 2024

Contributed by:

Zero-touch certificate management

Upload certificates

Enable zero-touch certificate management

In this article